A podcast that makes you smarter in 20 minutes or less.
…
continue reading
Unencrypted Podcasts
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
1
Introducing the BSP Maturity Model for Identity
40:46
40:46
Play later
Play later
Lists
Like
Liked
40:46
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the Security Maturity Model, focusing on identity security. They explore the current state of security practices, identifying areas where organizations may be behind the curve, on track, or ahead of the curve in their security measures. Key topics include the importan…
…
continue reading
1
Microsoft Bug Bounty, CISA hiring surge, US goes offensive in cyber ops, OWASP Top 10
42:22
42:22
Play later
Play later
Lists
Like
Liked
42:22
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates in cybersecurity, including Microsoft's overhaul of its bug bounty program, CISA's hiring strategy amidst workforce challenges, the US's shift towards a more aggressive cyber strategy, and insights from the updated OWASP Top 10 vulnerabilities. The…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the growing cybersecurity threat posed by the Chinese state-sponsored group, Salt Typhoon. They discuss the group's tactics, motivations, and the implications for global security. The conversation highlights China's strategic focus on economic power as a means of n…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss vulnerabilities in popular chat applications, particularly focusing on Line and WhatsApp. They explore the implications of these vulnerabilities for user privacy and security, emphasizing the importance of API security and rate limiting. The conversation then shifts t…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the major announcements from Microsoft Ignite, focusing on the introduction of Security Copilot for Microsoft 365 E5 customers, innovations in identity management through Entra, and the integration of Defender for Cloud with GitHub. They also explore the new capabilit…
…
continue reading
1
Unencrypted Satellite Data, China AI Cyberattack
36:56
36:56
Play later
Play later
Lists
Like
Liked
36:56
Summary In this episode of the Blue Security Podcast, hosts Adam Brewer and Andy discuss critical issues surrounding satellite security, particularly the vulnerabilities of unencrypted communications. They explore a recent study revealing how researchers intercepted sensitive data from various satellite communications, highlighting the need for enc…
…
continue reading
1
How Face ID Works, Least Private Browser, Ring and Flock
48:24
48:24
Play later
Play later
Lists
Like
Liked
48:24
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricate relationship between privacy and security, particularly focusing on biometric data and the transition to passwordless technology. They discuss the security implications of various biometric methods, the privacy risks associated with popular web browse…
…
continue reading
1
Microsoft Digital Defense Report 2025
1:04:15
1:04:15
Play later
Play later
Lists
Like
Liked
1:04:15
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Digital Defense Report for 2025. The conversation delves into the critical issues surrounding identity attacks, particularly focusing on the vulnerabilities associated with weak passwords. Andy highlights the prevalence of password spraying in i…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant recent cybersecurity events, including the F5 breach attributed to state-backed actors, the implications of Windows 10 reaching end of life, and the risks associated with outdated mobile operating systems. They also explore the geopolitical cont…
…
continue reading
Summary In this episode, Andy Jaw and Adam Brewer discuss the latest updates in Microsoft Sentinel, focusing on the new features such as the Sentinel Data Lake, Sentinel Graph, and the MCP server. They explore how these innovations enhance security operations, improve data management, and leverage AI for better threat detection and response. The co…
…
continue reading
1
WhatsApp banned; Discord, TransUnion, Jaguar-Land Rover hacked
51:08
51:08
Play later
Play later
Lists
Like
Liked
51:08
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss various topics related to cybersecurity, including the security implications of WhatsApp, the challenges of age verification laws, the recent TransUnion data breach, and the significant cyber attack on Jaguar Land Rover. They emphasize the importance of str…
…
continue reading
1
iPhone MIE, Microsoft - Israel MOD, npm supply chain attacks
26:53
26:53
Play later
Play later
Lists
Like
Liked
26:53
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the topic of Kerberosting, a known attack method that exploits weaknesses in the Kerberos authentication protocol, particularly focusing on the vulnerabilities associated with RC4 encryption. They discuss a recent letter from Senator Ron Wyden addressing…
…
continue reading
1
Advanced Data Protection with Special Guest Amren Gill
1:06:31
1:06:31
Play later
Play later
Lists
Like
Liked
1:06:31
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam celebrate their five-year anniversary with guest Amren Gill, a data security solutions engineer at Microsoft. They delve into the complexities of data protection, focusing on Microsoft Purview's capabilities, including data classification, data loss prevention (DLP), and adva…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest developments in Microsoft security technologies, particularly focusing on Entra and its features like Continuous Access Evaluation (CAE) and the integration of threat intelligence into the Global Secure Access (GSA) platform. They reflect on thei…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the concept of FUD (Fear, Uncertainty, and Doubt) prevalent in the cybersecurity industry. They discuss the implications of sensationalized reporting, particularly around Windows Hello for Business vulnerabilities and the importance of adopting fish resistant multi…
…
continue reading
1
Microsoft Licensing Overview - Part 3 - Niche Situations and Azure
48:36
48:36
Play later
Play later
Lists
Like
Liked
48:36
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of Microsoft licensing, focusing on device-based versus user-based licensing, the nuances of shared mailboxes, and the implications of mixing E3 and E5 licenses. They also explore Azure billing models and the costs associated with Securi…
…
continue reading
Summary The hosts, Andy and Adam, delve into the nuances of licensing models, particularly focusing on the differences between frontline and information worker licenses. They explore the F1, F3, and F5 licensing models, highlighting key differences such as access to desktop applications and mailbox sizes. The episode also covers the integration of …
…
continue reading
1
Microsoft Security Licensing Part 1
1:02:36
1:02:36
Play later
Play later
Lists
Like
Liked
1:02:36
Summary Hosts Andy and Adam discuss the structure of enterprise agreements, the differences between Office 365 and Microsoft 365, and the transition from consumer-focused to enterprise-focused offerings. They explain the historical context of Microsoft's licensing evolution, the role of enterprise agreements, and the introduction of the Microsoft C…
…
continue reading
1
Shadow AI is already happening -- now what?
47:29
47:29
Play later
Play later
Lists
Like
Liked
47:29
Summary In this episode, Adam and Andy discuss various topics including Instagram's location sharing capabilities and the implications of AI in the workplace. They explore the challenges organizations face with AI adoption, the need for clear policies, and the importance of data security in protecting sensitive information. The conversation emphasi…
…
continue reading
1
Palo Alto acquires Cyberark, Sentinel News, MDTI is going to be FREE!
33:53
33:53
Play later
Play later
Lists
Like
Liked
33:53
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant developments in the cybersecurity landscape, including Palo Alto's acquisition of CyberArk, the introduction of Microsoft Sentinel's Data Lake feature, and the integration of Defender Threat Intelligence into existing Microsoft security solutions. They emp…
…
continue reading
1
SharePoint Server, Help Desk Security, Terminating IT Admins
52:20
52:20
Play later
Play later
Lists
Like
Liked
52:20
Summary In this episode, Adam Brewer and Andy Jaw discuss recent SharePoint vulnerabilities, the importance of data protection and governance, and the implications of the Clorox cyber attack. They explore the challenges of managing insider threats in IT, emphasizing the need for robust security measures and proactive communication with customers. T…
…
continue reading
1
Power grid vulnerabilities, To Catch a Thief, AI Bug Hunter
43:05
43:05
Play later
Play later
Lists
Like
Liked
43:05
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the vulnerabilities in solar technology, particularly focusing on smart inverters and their implications for power grids. They delve into the cybersecurity landscape, emphasizing China's role in technology transfer and its impact on national security. The conversation…
…
continue reading
1
Windows Kernel & AV/EDR, BSOD Rebrand, Easier 3rd Party Updates
23:26
23:26
Play later
Play later
Lists
Like
Liked
23:26
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss significant updates from Microsoft, focusing on security enhancements, the evolution of the blue screen of death, and new options for consumers regarding extended security updates. They also explore a new update orchestration platform aimed at improving the user exper…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the recent layoffs at Microsoft and the broader implications for the tech industry. They share personal experiences and insights on navigating job loss, the randomness of layoffs, and the importance of preparation. The conversation also covers practical advice for job…
…
continue reading
1
CIAM Deployment Guide; external authentication methods
26:54
26:54
Play later
Play later
Lists
Like
Liked
26:54
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the intricacies of Entra External ID, a customer identity and access management solution. They discuss the importance of security considerations in application development, the risks associated with customer-facing technologies, and the need for effective authentic…
…
continue reading
1
Securing AI Agents; Using AI Agents for Security
29:31
29:31
Play later
Play later
Lists
Like
Liked
29:31
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the emerging concept of AI agents, their implications for security, and how Microsoft is integrating these technologies into their solutions. They explore the evolution of AI from simple prompt-response interactions to autonomous agents capable of making decisions and…
…
continue reading
1
JP Morgan's CISO open letter, Microsoft & Crowdstrike working together on threat intel
38:31
38:31
Play later
Play later
Lists
Like
Liked
38:31
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the implications of JP Morgan's open letter to SaaS vendors, emphasizing the need for improved security practices in the software industry. They explore the challenges posed by the SaaS model, the importance of collaboration among security practitioners, and Microsoft…
…
continue reading
1
Microsoft Deputy CISOs, Defending Identity Attacks
39:22
39:22
Play later
Play later
Lists
Like
Liked
39:22
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the formation and function of the Cybersecurity Governance Council at Microsoft, highlighting the roles of various deputy CISOs and their focus on specific security areas. They delve into misconceptions in cybersecurity, the importance of shared responsibility, and th…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into the critical aspects of Windows security, focusing on the recently published Windows 11 security book. They discuss various security features, including hardware security, operating system enhancements, application security, identity protection, privacy features, a…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam discuss various Microsoft news topics, including the upcoming end of life for Windows 10 and the options for extended security updates. They also delve into the exciting news of the Windows Subsystem for Linux becoming open source, the discontinuation of password autofill in …
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy and Adam delve into Microsoft's new feature, Security Exposure Management (XSPM). They discuss the evolution of vulnerability management, the importance of understanding exposure management, and the five phases of continuous threat exposure management. The conversation also covers lic…
…
continue reading
1
Administrator protection on Windows 11, Multi-tenancy in Unified SOC
28:29
28:29
Play later
Play later
Lists
Like
Liked
28:29
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the new security features of Windows 11, focusing on Administrator Protection and its implications for user privilege management. They also explore the advancements in Microsoft Sentinel, particularly the introduction of multi-tenancy and workspace manag…
…
continue reading
1
Microsoft's Secure by Design journey - One year of success
44:15
44:15
Play later
Play later
Lists
Like
Liked
44:15
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft's Secure Future Initiative (SFI), which aims to enhance security standards across its products and services. They delve into the implementation of mandatory multi-factor authentication, the transition to passwordless accounts, and the adoption of …
…
continue reading
1
Quick Recovery, Hotpatch, Copilot Podcast
35:38
35:38
Play later
Play later
Lists
Like
Liked
35:38
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the new Quick Recovery feature in Windows 11, which automates device remediation during critical failures. They explore its implications for cybersecurity, the Windows Resiliency Initiative, and the importance of user feedback in feature development. The co…
…
continue reading
1
CVE Program under fire, NLRB whistleblower, Microsoft Zero-Day
30:25
30:25
Play later
Play later
Lists
Like
Liked
30:25
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical updates in cybersecurity, focusing on the funding crisis of the CVE program, concerns over government efficiency and data security, and the recent Microsoft CLFS vulnerability that led to ransomware threats. They emphasize the importance of maintai…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their sec…
…
continue reading
1
Automatic Attack Disruption with OAuth Protection
32:26
32:26
Play later
Play later
Lists
Like
Liked
32:26
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigatin…
…
continue reading
Summary In this episode, Andy and Adam discuss a significant breach of sensitive military information that was leaked through a Signal chat involving high-level government officials. They explore the implications of this breach, the role of technology in government security, and the human errors that led to the violation of established policies. Th…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft Entra's conditional access. They explore the fundamental concepts of conditional access, its policies, and the integration of identity management with device management. The discussion highlights the importance of risk assess…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the complexities of granting secure access to third-party vendors and contractors. They discuss the best practices for managing elevated permissions, the implications of B2B collaboration, and the importance of lifecycle management for contractor account…
…
continue reading
1
Next-Gen Logging for the Next-Gen SIEM with Special Guest Karl Niblock
57:00
57:00
Play later
Play later
Lists
Like
Liked
57:00
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with cybersecurity architect Karl Niblock to discuss the evolution of logging practices in security information and event management (SIEM) systems. The conversation explores the shift from a 'log everything' mentality to a more strategic approach that empha…
…
continue reading
1
Defender Experts with Special Guest Raae Wolfram
1:05:21
1:05:21
Play later
Play later
Lists
Like
Liked
1:05:21
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer engage with Ray Wolfram, Senior Product Manager for Defender Experts at Microsoft. Ray shares her extensive background in healthcare IT and cybersecurity, detailing her journey to Microsoft and the impact of COVID-19 on the cybersecurity landscape. The conversation…
…
continue reading
1
UK vs Apple on Encryption, MITRE Eval results, How to Rethink Phishing Simulations
1:06:16
1:06:16
Play later
Play later
Lists
Like
Liked
1:06:16
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the ongoing battle between governments and tech companies over encryption, focusing on Apple's recent response to the UK government's demands for access to iCloud data. They explore the implications of Apple's decision to disable advanced data protection fo…
…
continue reading
1
FBI warns about unencrypted messaging, Deepseek discussion
45:49
45:49
Play later
Play later
Lists
Like
Liked
45:49
Summary In this episode, Andy and Adam discuss the evolution of messaging security, focusing on end-to-end encryption and the implications of RCS messaging. They explore the recent market reactions to AI developments, particularly the impact of the DeepSeek app on Nvidia's stock value and delve into the nuances of AI model efficiency and its potent…
…
continue reading
1
CISA guidance on securing CI/CD pipelines
31:56
31:56
Play later
Play later
Lists
Like
Liked
31:56
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the importance of securing CI/CD environments, highlighting the risks associated with these systems and the best practices for mitigating vulnerabilities. They delve into specific threats, including insecure code and supply chain compromises, and emphasize …
…
continue reading
1
Microsoft Fasttrack with Special Guest Thomas Finney
47:47
47:47
Play later
Play later
Lists
Like
Liked
47:47
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss Microsoft FastTrack with guest Thomas Finney. They explore the benefits and eligibility of FastTrack, which is designed to help organizations adopt and deploy Microsoft 365 services. The conversation covers various aspects of FastTrack, including various Mi…
…
continue reading
1
Microsoft Industry Solutions Delivery with Special Guest Brodie Cassell
1:04:01
1:04:01
Play later
Play later
Lists
Like
Liked
1:04:01
Summary In this episode of the Blue Security Podcast, host Andy Jaw and co-host Adam Brewer welcome Brodie Cassell, a principal security consultant at Microsoft. Brodie shares his journey from various IT roles to his current position at Microsoft, discussing the importance of adapting to new technologies and the challenges of data security in the a…
…
continue reading
1
CISA zero trust, macOS malware, IRS PIN, Cyber Trust Mark
48:40
48:40
Play later
Play later
Lists
Like
Liked
48:40
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the Zero Trust Maturity Model and its implications for organizations looking to enhance their cybersecurity posture. They delve into CISA's guidance and Microsoft's mapping of this model, emphasizing the importance of prescriptive guidance in navigating the…
…
continue reading
Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the latest cybersecurity trends, focusing on CISA's Scuba Project and its implications for federal agencies. They explore the transition to cloud-based passwordless authentication, the Binding Operational Directive 25-01, and provide prescriptive guidance f…
…
continue reading
